我已經創建了一個簡單的加密和解密程序。我在這個程序中使用AESManaged
類。密鑰和IV由使用Rfc2898DeriveBytes
的預定義密碼派生而來。爲什麼我能夠使用AES 256Bit解密來解密已修改的加密數據
我測試我的程序如下所解釋:
- 輸入樣本文本到我的程序和捕獲的加密文本。
- 將相同的加密文本輸入到程序中,驗證的解密文本與我的原始文本相同。
- 在步驟2的加密文本中(「下一個字母」)修改「=」之前的字母並使用相同的密鑰廣告IV進行解密。我收到了原始文本。
在步驟#3我期待從程序中的錯誤,但它解密了錯誤的文本。
有人可以幫助我瞭解我的程序出了什麼問題,以及如何阻止我的程序解密錯誤的數據。
這裏是我的程序輸出:
Please put in input message
Some Text
Encrypted text is "xJzgOiMzimNOY6UsB+TNw9gUmcpdiZxQq70FxwbmkCc="
Please put in encrypted text to decrypt
xJzgOiMzimNOY6UsB+TNw9gUmcpdiZxQq70FxwbmkCc=
Decrypted text is "Some Text"
Please put in encrypted text to decrypt <<here I have modified "c=" to "d=">>
xJzgOiMzimNOY6UsB+TNw9gUmcpdiZxQq70FxwbmkCd=
Decrypted text is "Some Text"
Enter "Exit" to exit!
AesExample.cs:
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
namespace Aes_Example
{
class AesExample
{
public static void Main()
{
string action, plainText, encryptedText, decryptedText;
Begin:
Console.WriteLine("Please put in input message");
plainText = Console.ReadLine();
encryptedText = Encrypt(plainText);
Console.WriteLine("Encrypted text is \"{0}\"", encryptedText);
Console.WriteLine("Please put in encrypted text to decrypt");
encryptedText = Console.ReadLine();
decryptedText = Decrypt(encryptedText);
Console.WriteLine("Decrypted text is \"{0}\"", decryptedText);
Console.WriteLine("Please put in encrypted text to decrypt");
encryptedText = Console.ReadLine();
decryptedText = Decrypt(encryptedText);
Console.WriteLine("Decrypted text is \"{0}\"", decryptedText);
Console.WriteLine("Enter \"Exit\" to exit!");
action = Console.ReadLine();
if (action.ToUpper() != "EXIT") { goto Begin; }
}
public static string Encrypt(string clearText)
{
string EncryptionKey = "[email protected]#52";
byte[] clearBytes = Encoding.Unicode.GetBytes(clearText);
using (AesManaged encryptor = new AesManaged())
{
Rfc2898DeriveBytes pdb = new
Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
encryptor.Key = pdb.GetBytes(32);
encryptor.IV = pdb.GetBytes(16);
using (MemoryStream ms = new MemoryStream())
{
using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
{
cs.Write(clearBytes, 0, clearBytes.Length);
cs.Close();
}
clearText = Convert.ToBase64String(ms.ToArray());
}
}
return clearText;
}
public static string Decrypt(string cipherText)
{
string EncryptionKey = "[email protected]#52";
byte[] cipherBytes = Convert.FromBase64String(cipherText);
using (AesManaged encryptor = new AesManaged())
{
Rfc2898DeriveBytes pdb = new
Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
encryptor.Key = pdb.GetBytes(32);
encryptor.IV = pdb.GetBytes(16);
using (MemoryStream ms = new MemoryStream())
{
using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
{
cs.Write(cipherBytes, 0, cipherBytes.Length);
cs.Close();
}
cipherText = Encoding.Unicode.GetString(ms.ToArray());
}
}
return cipherText;
}
}
}
歡迎來到StackOverflow! +1爲非常好的問題:) – BradleyDotNET